`Nikto` is a popular web server vulnerability scanner that can be used to identify potential security issues on web servers. Here are some examples of how to use Nikto:
1. Basic Scan:
nikto -h http://example.com
This command performs a basic scan on the specified web server (replace `http://example.com` with the target URL).
2. Scan Multiple Hosts:
nikto -h http://example1.com https://example2.com
You can scan multiple hosts by specifying their URLs.
3. Output to a File:
nikto -h http://example.com -o /path/to/output.txt
Save the scan results to a file using the `-o` option.
4. Scan on a Specific Port:
nikto -h http://example.com -p 8080
Specify a custom port for the scan with the `-p` option.
5. Scan with Proxy:
nikto -h http://example.com -useproxy http://proxy-server:port
Use a proxy server for the scan with the `-useproxy` option.
6. Scan Specific Tests:
nikto -h http://example.com -T 0,1,2
Use the `-T` option to specify specific tests to run (0 for all, 1 for information, 2 for interesting files/directories).
7. Disable SSL Checks:
nikto -h https://example.com -ssl 0
Disable SSL checks with the `-ssl` option (useful when scanning self-signed certificates).
8. Customize User-Agent:
nikto -h http://example.com -ask ‘User-Agent: MyCustomUserAgent’
Specify a custom User-Agent for the scan with the `-ask` option.
Remember to replace `http://example.com` with the target URL and adjust the options as needed. Always use Nikto responsibly and with proper authorization, as scanning web servers without permission may be illegal and unethical.